Linux Malware
-
Transparent Tribe targets Indian government with dual-platform Linux and Windows malware, researchers say
Researchers say the Transparent Tribe (APT36) has expanded its assault on Indian government networks with a cross-platform campaign targeting Windows and Linux-BOSS systems through spear-phishing, weaponized desktop shortcuts, and a Go-based backdoor, complemented by anti-analysis techniques and 2FA-focused phishing.
-
DripDropper Linux malware patches exploited flaw to lock out rivals, Red Canary says
Red Canary researchers describe DripDropper, a Linux malware that exploits Apache ActiveMQ CVE-2023-46604 to gain access to cloud servers, then patches the vulnerability to keep rivals out and maintain control, using Sliver for persistence and Dropbox as a command channel.
-
New GhostContainer Malware Targets Microsoft Exchange Servers in Asia
Kaspersky’s SecureList reveals GhostContainer, a new malware targeting Microsoft Exchange servers in Asia, allowing attackers extensive control and potential data exfiltration.
-
Supply Chain Attack Targets Popular npm Packages with Malware Injection
A supply chain attack has compromised several popular npm packages, with researchers warning that malicious code injected after phishing campaigns targeted maintainers' credentials could lead to remote code execution.
-
Malware-as-a-Service Campaign Exploits GitHub for Distribution
Cisco’s Talos security team has exposed a malware-as-a-service operation utilizing GitHub for malicious software distribution, raising concerns over cybersecurity in enterprise environments.
-
New Android Malware Campaign Targeting Telegram Users Uncovered
A recent study by BforeAI reveals a malware campaign deceiving Android users into downloading fake Telegram applications from hundreds of malicious domains, utilizing tactics such as QR code redirects and lookalike websites.
-
State-Sponsored HazyBeacon Malware Targets Southeast Asian Governments
A new cyber espionage campaign targets Southeast Asian governments using the HazyBeacon malware, which leverages trusted cloud services for data exfiltration and evasion of detection.
-
DoNot APT Group Launches Cyber Espionage Attack on European Foreign Affairs Ministry
The DoNot APT group has launched a sophisticated cyber espionage attack on a European foreign affairs ministry, marking a significant expansion beyond its traditional focus on South Asia, according to researchers at Trellix.
-
New macOS Malware ZuRu Discovered Targeting Users Through Legitimate Software
Security researchers have identified a new macOS malware called ZuRu, which propagates via trojanized versions of legitimate software such as Termius. Discovered by SentinelOne, the malware adapts techniques to target users seeking trusted apps, reflecting an opportunistic threat landscape for macOS users.